The following reply was made to PR misc/18258; it has been noted by GNATS.
From: "Julio M. Merino Vidal" <jmerino%ac.upc.edu@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: Luke Mewburn <lukem%NetBSD.org@localhost>
Subject: Re: misc/18258 (etc/openssl/private should be private by default)
Date: Mon, 21 Jan 2008 16:39:57 +0100
On Jan 21, 2008, at 11:23 AM, lukem%NetBSD.org@localhost wrote:
> Synopsis: etc/openssl/private should be private by default
>
> State-Changed-From-To: open->analyzed
> State-Changed-By: lukem%narn.netbsd.org@localhost
> State-Changed-When: Mon, 21 Jan 2008 10:23:14 +0000
> State-Changed-Why:
> I think that the default should change to 0700, as per this PR>
> Other systems have /etc/openssl/private (or equivalent) set to 0700,
> and it makes sense to me.
> We don't have to follow the permissions or layout of the original
> ("upstream") if they aren't sensible in our world order...
I'll do the change later this week then; I had forgotten about this
PR completely (given that the address it was sent from no longer
exists).